PfSense 2.1 still using OpenSSL 0.9.8y?
-
[2.1-RELEASE][root@xxx]/home/phil.davis(6): openssl version OpenSSL 0.9.8y 5 Feb 2013 [2.1-RELEASE][root@xxx]/home/phil.davis(12): /usr/bin/openssl version OpenSSL 0.9.8y 5 Feb 2013 [2.1-RELEASE][root@xxx]/home/phil.davis(7): /usr/local/bin/openssl version OpenSSL 1.0.1e 11 Feb 2013
The one used by the pfSense code is in /usr/local/bin/openssl and is explicitly run from there.
-
Brilliant! Thank you sir. .
-
And it'll be 1.0.1.f in pfSense 2.1.1
-
Hi jimp, nice to know. I didn't see any information regarding the cryptodev but would like to know if 2.1.1 includes the tweaked cryptodev (pipelining to utilize AES-NI properly) or would we have to wait till 2.2 for this?
-
That will have to wait for 2.2
-
Thank you for the information update!
I'll look forward to 2.2 being rolled-out then.
-
Why is the old version included if it isn't used? Seems like it would just take up space and present a risk that a program would accidentally use it.
-
Why is the old version included if it isn't used? Seems like it would just take up space and present a risk that a program would accidentally use it.
It is the version from FreeBSD's base used for things like ssh. It's very difficult to get some parts to work with only the ports OpenSSL on FreeBSD. It'll be a non-issue once we're on FreeBSD 10 and the base is up-to-date.
-
Why is the old version included if it isn't used? Seems like it would just take up space and present a risk that a program would accidentally use it.
It is the version from FreeBSD's base used for things like ssh. It's very difficult to get some parts to work with only the ports OpenSSL on FreeBSD. It'll be a non-issue once we're on FreeBSD 10 and the base is up-to-date.
That's kind of what I figured. Thanks for the confirmation.
-
It'll be a non-issue once we're on FreeBSD 10 and the base is up-to-date.
By then will the base still be up to date? ;)